Why is matching hosts crucial for redirect_uri in OAuth app development?

ksumandeepkaur
Visitor
1 0 0
Oauth error invalid_request: The redirect_uri and application url must have matching hosts
Replies 5 (5)

simon-skrod
Shopify Partner
145 12 28

Hi @ksumandeepkaur ,

Probably you have different hosts on your oauth url

 

format should be as following:

https://{storeDomain}/admin/oauth/authorize?client_id={client_id}&scope={scope}&redirect_uri={redirect_uri}&state={state}

 

where redirect_uri has same host as your app host provided on shopify partners app set up.

 

Example if you run your local env and your application url on shopify partners applications is:

http://localhost:4200/user/auth

this means you need to provide redirect url with http://localhost:4200 host, otherwise it will not allow you to authorize during application installation.

Simonas Skrodenis
Developer of Feeds Bridge - Catalog Management System
Email: simonas@feedsbridge.com
gwhitworth
New Member
4 0 0

@SIM How do I manage the application URL for a custom private application? I don't see this anywhere. I'm running in localhost:9000 and I'm of course pointing to the live store which has the fully qualified myshopify.com URL. But the requesting origin and redirect origin are the same (eg: http://localhost:9000/testShopify and redirect http://localhost:9000/shopifyAuth )

simon-skrod
Shopify Partner
145 12 28

@gwhitworth, why you want to use Authentication endpoint for custom private app? Such apps has Authentication token which is being generated on shopify and you can already use shopify resources using this token.

Simonas Skrodenis
Developer of Feeds Bridge - Catalog Management System
Email: simonas@feedsbridge.com
gwhitworth
New Member
4 0 0

@Simon thanks, I ended up tracking this down that I request the access-token without this dance due to the custom app and have since resolved my issue 🙂

HackerGuy
Shopify Partner
1 0 0

xss.png

test